Total control over your Personal Data via the Token-based Loyalty Program
Tokenization is the process of converting meaningful data, such as the payment card number, into a random string of characters called a token that has no value if breached. Tokens reference the original data, but cannot be used to extract the information behind the token. Tokens are widely used in the payment card industry to protect the primary account number (PAN) of cardholders from hacking or unauthorized use. Both Apple Pay and Google Pay use tokens to facilitate contactless (NFC) payment via mobile devices.
The Token-based loyalty program repurposes an industry standard to allow payment cardholders to participate in unlimited merchant loyalty programs without disclosing their personal and confidential information. Currently merchants require a new member to share their personal data, such as phone number, email address, or driving license, before enrolling them into their loyalty program. This practice often results in serious and unintended consequences.Â
The Token-based loyalty program gives customers peace of mind from hacking and loss of personal data. Customers can participate in unlimited merchant loyalty programs without disclosing their personal and confidential information. Customers do not even have to acquire a new co-branded card to participate in a loyalty program. They can use an existing card or even cash to earn reward points.
Merchants and vendors can reward customers for their transactions inside their stores/partner network and also for sharing their purchasing data at other establishments. A customer can enroll in this program by first creating an account on the ValiDeck platform. Once the account is created, the customer can tokenize their payment cards and register their payment card tokens in their ValiDeck account. Thereafter, every time a tokenized card is used for purchase, a record of the transaction is stored in the merchant’s account and the customer’s account.
Registering Tokenized Cards on ValiDeck
ValiDeck account holders request their payment card issuers to tokenize their payment card.
ValiDeck partner banks and card issuers tokenize payment cards issued by them and encrypt the token with the ValiDeck public key. The token is stored in the issuer database as a Key : Value pair with the matching card number.
Payment card issuers send the encrypted token to ValiDeck. The tokens can be decrypted only via the matching private key available at the ValiDeck platform.
ValiDeck decrypts the token and stores it in a queue. It then sends a notification of this to the issuer, which notifies the customer that the token is available for registration.
The customer registers the token into its account on the ValiDeck platform.
Linking Tokenized Cards with Transactions
ValiDeck account holders are able to capture their transaction records/invoices online into their account. To save the transaction record into their account, they use their payment card like any ordinary person. The card can be tapped, swiped, or inserted into a payment cube.
ValiDeck partner businesses and service providers request their acquiring bank for an authorization of the transaction and the token number linked to the card. The acquiring bank forwards this request to the payment network, which subsequently passes it to the payment card issuer.
Payment card issuers look up the customer account balance and authorize the transaction. The authorization is sent along with the linked token number to the payment network which forwards it to the acquiring bank. The token number is encrypted with the ValiDeck public key.
ValiDeck partner businesses and service providers receive the transaction authorization and the token number from the acquiring bank. The transaction record is linked with the token number via an API call and transmitted to the ValiDeck platform.
The ValiDeck system decrypts the token number and looks up the customer account containing the token number. Once the customer account is found, the transaction record is written into the ValiDeck database and linked to the customer account number.
